sessions

package

v1.2.0 Latest Latest Go to latest Published: Apr 1, 2019 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/buzzfeed/sso

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func CreateMiscreantCookieCipher(cookieSecret []byte) func(s *CookieStore) error
func ExtendDeadline(ttl time.Duration) time.Time
func MarshalSession(s *SessionState, c aead.Cipher) (string, error)
type CSRFStore
type CookieStore
- func NewCookieStore(cookieName string, optFuncs ...func(*CookieStore) error) (*CookieStore, error)
type MockCSRFStore
type MockSessionStore
type SessionState
- func NewSessionState(value string, lifetimeTTL time.Duration) (*SessionState, error)
- func UnmarshalSession(value string, c aead.Cipher) (*SessionState, error)
type SessionStore

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrInvalidSession = errors.New("invalid session")

ErrInvalidSession is an error for invalid sessions.

View Source

var (
	// ErrLifetimeExpired is an error for the lifetime deadline expiring
	ErrLifetimeExpired = errors.New("user lifetime expired")
)

Functions ¶

func CreateMiscreantCookieCipher ¶

func CreateMiscreantCookieCipher(cookieSecret []byte) func(s *CookieStore) error

CreateMiscreantCookieCipher creates a new miscreant cipher with the cookie secret

func ExtendDeadline ¶

func ExtendDeadline(ttl time.Duration) time.Time

ExtendDeadline returns the time extended by a given duration

func MarshalSession ¶

func MarshalSession(s *SessionState, c aead.Cipher) (string, error)

MarshalSession marshals the session state as JSON, encrypts the JSON using the given cipher, and base64-encodes the result

Types ¶

type CSRFStore ¶

type CSRFStore interface {
	SetCSRF(http.ResponseWriter, *http.Request, string)
	GetCSRF(*http.Request) (*http.Cookie, error)
	ClearCSRF(http.ResponseWriter, *http.Request)
}

CSRFStore has the functions for setting, getting, and clearing the CSRF cookie

type CookieStore ¶

type CookieStore struct {
	Name               string
	CSRFCookieName     string
	CookieExpire       time.Duration
	CookieRefresh      time.Duration
	CookieSecure       bool
	CookieHTTPOnly     bool
	CookieDomain       string
	CookieCipher       aead.Cipher
	SessionLifetimeTTL time.Duration
}

CookieStore represents all the cookie related configurations

func NewCookieStore ¶

func NewCookieStore(cookieName string, optFuncs ...func(*CookieStore) error) (*CookieStore, error)

NewCookieStore returns a new session with ciphers for each of the cookie secrets

func (*CookieStore) ClearCSRF ¶

func (s *CookieStore) ClearCSRF(rw http.ResponseWriter, req *http.Request)

ClearCSRF clears the CSRF cookie from the request

func (*CookieStore) ClearSession ¶

func (s *CookieStore) ClearSession(rw http.ResponseWriter, req *http.Request)

ClearSession clears the session cookie from a request

func (*CookieStore) GetCSRF ¶

func (s *CookieStore) GetCSRF(req *http.Request) (*http.Cookie, error)

GetCSRF gets the CSRFCookie creates a CSRF cookie in a given request

func (*CookieStore) LoadSession ¶

func (s *CookieStore) LoadSession(req *http.Request) (*SessionState, error)

LoadSession returns a SessionState from the cookie in the request.

func (*CookieStore) SaveSession ¶

func (s *CookieStore) SaveSession(rw http.ResponseWriter, req *http.Request, sessionState *SessionState) error

SaveSession saves a session state to a request sessions.

func (*CookieStore) SetCSRF ¶

func (s *CookieStore) SetCSRF(rw http.ResponseWriter, req *http.Request, val string)

SetCSRF sets the CSRFCookie creates a CSRF cookie in a given request

type MockCSRFStore ¶

type MockCSRFStore struct {
	ResponseCSRF string
	Cookie       *http.Cookie
	GetError     error
}

MockCSRFStore is a mock implementation of the CSRF store interface

func (*MockCSRFStore) ClearCSRF ¶

func (ms *MockCSRFStore) ClearCSRF(http.ResponseWriter, *http.Request)

ClearCSRF clears the ResponseCSRF string

func (*MockCSRFStore) GetCSRF ¶

func (ms *MockCSRFStore) GetCSRF(*http.Request) (*http.Cookie, error)

GetCSRF returns the cookie and error

func (*MockCSRFStore) SetCSRF ¶

func (ms *MockCSRFStore) SetCSRF(rw http.ResponseWriter, req *http.Request, val string)

SetCSRF sets the ResponseCSRF string to a val

type MockSessionStore ¶

type MockSessionStore struct {
	ResponseSession string
	Session         *SessionState
	SaveError       error
	LoadError       error
}

MockSessionStore is a mock implementation of the SessionStore interface

func (*MockSessionStore) ClearSession ¶

func (ms *MockSessionStore) ClearSession(http.ResponseWriter, *http.Request)

ClearSession clears the ResponseSession

func (*MockSessionStore) LoadSession ¶

func (ms *MockSessionStore) LoadSession(*http.Request) (*SessionState, error)

LoadSession returns the session and a error

func (*MockSessionStore) SaveSession ¶

func (ms *MockSessionStore) SaveSession(rw http.ResponseWriter, req *http.Request, s *SessionState) error

SaveSession returns a save error.

type SessionState ¶

type SessionState struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`

	RefreshDeadline  time.Time `json:"refresh_deadline"`
	LifetimeDeadline time.Time `json:"lifetime_deadline"`
	ValidDeadline    time.Time `json:"valid_deadline"`
	GracePeriodStart time.Time `json:"grace_period_start"`

	Email  string   `json:"email"`
	User   string   `json:"user"`
	Groups []string `json:"groups"`
}

SessionState is our object that keeps track of a user's session state

func NewSessionState ¶

func NewSessionState(value string, lifetimeTTL time.Duration) (*SessionState, error)

NewSessionState creates a new session state TODO: remove this file when we transition out of backup using the payloads encryption

func UnmarshalSession ¶

func UnmarshalSession(value string, c aead.Cipher) (*SessionState, error)

UnmarshalSession takes the marshaled string, base64-decodes into a byte slice, decrypts the byte slice using the pased cipher, and unmarshals the resulting JSON into a session state struct

func (*SessionState) LifetimePeriodExpired ¶

func (s *SessionState) LifetimePeriodExpired() bool

LifetimePeriodExpired returns true if the lifetime has expired

func (*SessionState) RefreshPeriodExpired ¶

func (s *SessionState) RefreshPeriodExpired() bool

RefreshPeriodExpired returns true if the refresh period has expired

func (*SessionState) ValidationPeriodExpired ¶

func (s *SessionState) ValidationPeriodExpired() bool

ValidationPeriodExpired returns true if the validation period has expired

type SessionStore ¶

type SessionStore interface {
	ClearSession(http.ResponseWriter, *http.Request)
	LoadSession(*http.Request) (*SessionState, error)
	SaveSession(http.ResponseWriter, *http.Request, *SessionState) error
}

SessionStore has the functions for setting, getting, and clearing the Session cookie

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL